查看 | 历史 | 提交 | 提交对比
Administrator
2022-09-14 58d006e05dcf2a20d0ec5367dd03d66a61db6849
提交 | 用户 | 时间
58d006 1 package com.mandi.servlet;
A 2
3 import java.io.IOException;
4 import java.util.UUID;
5
6 import javax.servlet.Filter;
7 import javax.servlet.FilterChain;
8 import javax.servlet.FilterConfig;
9 import javax.servlet.ServletException;
10 import javax.servlet.ServletRequest;
11 import javax.servlet.ServletResponse;
12 import javax.servlet.annotation.WebFilter;
13 import javax.servlet.http.HttpServletRequest;
14 import javax.servlet.http.HttpSession;
15
16 import org.apache.log4j.Logger;
17 @WebFilter(filterName="tokenfilter",urlPatterns={"*.jsf","*.htm"})
18 public class Tokenfilter implements Filter {
19     private Logger log=Logger.getLogger(Tokenfilter.class);
20     String token_s_name;
21     String token_c_name;
22     @Override
23     public void destroy() {
24         
25     }
26
27     @Override
28     public void doFilter(ServletRequest arg0, ServletResponse arg1,
29             FilterChain arg2) throws IOException, ServletException {
30         HttpServletRequest r=(HttpServletRequest)arg0;
31         HttpSession s=r.getSession();
32         Object token_s=s.getAttribute(token_s_name);
33 //        log.info("token_s:"+token_s);
34         if(token_s==null)
35         {
36             s.setAttribute(token_s_name, UUID.randomUUID().toString());
37             arg2.doFilter(arg0, arg1);
38             return;
39         }
40         String token_c=r.getParameter(token_c_name);
41         if(token_c==null)
42         {
43             arg2.doFilter(arg0, arg1);
44             return;
45         }
46         s.setAttribute(token_s_name, UUID.randomUUID().toString());
47         if(token_c.equals(token_s))
48         {
49             arg2.doFilter(arg0, arg1);
50             return;
51         }
52     }
53
54     @Override
55     public void init(FilterConfig arg0) throws ServletException {
56         token_s_name="stoken";
57         token_c_name="ctoken";
58     }
59
60 }